25 matches found
EUVD-2015-0022
Malware in sbrugna...
EUVD-2022-3595
Malicious code in bioql PyPI...
SUSE CVE-2014-0157
Cross-site scripting XSS vulnerability in the Horizon Orchestration dashboard in OpenStack Dashboard aka Horizon 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to inject arbitrary web script or HTML via the description field of a Heat template...
SUSE CVE-2015-3219
Cross-site scripting XSS vulnerability in the Orchestration/Stack section in OpenStack Dashboard Horizon 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbitrary web script or HTML via the description parameter in a heat template, which is not properly handl...
OpenStack Dashboard (Horizon) Cross-site scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in the Orchestration/Stack section in OpenStack Dashboard Horizon 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbitrary web script or HTML via the description parameter in a heat template, which is not properly handl...
GHSA-RHJJ-F6GQ-6GX2 OpenStack Dashboard (Horizon) Cross-site scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in the Orchestration/Stack section in OpenStack Dashboard Horizon 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbitrary web script or HTML via the description parameter in a heat template, which is not properly handl...
Cross-site Scripting (XSS)
python-django-horizon is vulnerable to cross-site scripting XSS attacks. The vulnerability exists as the Orchestration/Stack section in OpenStack Dashboard Horizon 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbitrary web script or HTML via the descriptio...
Cross-site Scripting (XSS)
OpenStack Dashboard horizon is vulnerable to cross-site scripting. A remote attacker is able to inject arbitrary Javascript into a victim's browser via the description field of a Heat template...
DEBIAN-CVE-2015-5295
The template-validate command in OpenStack Orchestration API Heat before 2015.1.3 kilo and 5.0.x before 5.0.1 liberty allows remote authenticated users to cause a denial of service memory consumption or determine the existence of local files via the resource type in a template, as demonstrated by...
UBUNTU-CVE-2015-5295
The template-validate command in OpenStack Orchestration API Heat before 2015.1.3 kilo and 5.0.x before 5.0.1 liberty allows remote authenticated users to cause a denial of service memory consumption or determine the existence of local files via the resource type in a template, as demonstrated by...
DEBIAN-CVE-2015-3219
Cross-site scripting XSS vulnerability in the Orchestration/Stack section in OpenStack Dashboard Horizon 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbitrary web script or HTML via the description parameter in a heat template, which is not properly handl...
PYSEC-2015-40
Cross-site scripting XSS vulnerability in the Orchestration/Stack section in OpenStack Dashboard Horizon 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbitrary web script or HTML via the description parameter in a heat template, which is not properly handl...
UBUNTU-CVE-2015-3219
Cross-site scripting XSS vulnerability in the Orchestration/Stack section in OpenStack Dashboard Horizon 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbitrary web script or HTML via the description parameter in a heat template, which is not properly handl...
PYSEC-2015-40
Cross-site scripting XSS vulnerability in the Orchestration/Stack section in OpenStack Dashboard Horizon 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbitrary web script or HTML via the description parameter in a heat template, which is not properly handl...
Cross site scripting
Cross-site scripting XSS vulnerability in the Orchestration/Stack section in OpenStack Dashboard Horizon 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbitrary web script or HTML via the description parameter in a heat template, which is not properly handl...
CVE-2015-3219
Cross-site scripting XSS vulnerability in the Orchestration/Stack section in OpenStack Dashboard Horizon 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbitrary web script or HTML via the description parameter in a heat template, which is not properly handl...
CVE-2015-3219
Cross-site scripting XSS vulnerability in the Orchestration/Stack section in OpenStack Dashboard Horizon 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbitrary web script or HTML via the description parameter in a heat template, which is not properly handl...
openstack-horizon: XSS in Horizon orchestration dashboard when using a malicious template
Cross-site scripting XSS vulnerability in the Horizon Orchestration dashboard in OpenStack Dashboard aka Horizon 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to inject arbitrary web script or HTML via the description field of a Heat template...
CVE-2014-0157
Cross-site scripting XSS vulnerability in the Horizon Orchestration dashboard in OpenStack Dashboard aka Horizon 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to inject arbitrary web script or HTML via the description field of a Heat template...
CVE-2014-0157
Cross-site scripting XSS vulnerability in the Horizon Orchestration dashboard in OpenStack Dashboard aka Horizon 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to inject arbitrary web script or HTML via the description field of a Heat template...